: Onboard a Harness App to SSPM
Focus
Focus

Onboard a Harness App to SSPM

Table of Contents

Onboard a Harness App to SSPM

Connect a Harness instance to SSPM to detect posture risks.
For SSPM to detect posture risks in your Harness instance, you must onboard your Harness instance to SSPM. Through the onboarding process, SSPM connects to a Harness API and, through the API, scans your Harness instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
SSPM gets access to your Harness instance through an API key. During the onboarding process, SSPM prompts you for the API key.
To onboard your Harness instance, you complete the following actions:

Generate an API Access Key and Personal Access Token

To access a Harness API, SSPM requires an API key that contains a personal access token of an administrator who is assigned to the Account Admin role. The API key inherits the permissions of the administrator who generates the key and token.
  1. Open a web browser to the Harness site at www.harness.io and Log in as an administrator assigned to the Account Admin role.
    Required Permissions: You must log in as an administrator who is assigned to the Account Admin role. The account must also have permission to View and to Create/Edit authentication settings.
  2. To open your profile, click on the profile icon in the lower left corner of the window.
  3. On your profile, click + API Key.
    The New API Key dialog is displayed.
  4. Enter a name for your key and Save.
    The New API Dialog closes and the key you saved is shown in the My API Keys area.
  5. For the new API key, click + Token.
    The New Token dialog is displayed.
  6. Enter a name and expiration date for the token and Generate Token.
    Harness generates and displays the personal access token.
    Copy and paste the token into a text file so you can provide it to SSPM during onboarding when SSPM prompts you for the API key.
    Do not continue to the next step unless you have copied the token. You must provide this information when SSPM prompts you for an API key during the onboarding process.

Connect SSPM to Your Harness Instance

By adding a Harness app in SSPM, you enable SSPM to connect to your Harness instance.
  1. From the Add Application Page (Posture SecurityApplicationsAdd Application), click the Harness tile.
  2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
  3. Enter the API key, and Connect.